Method and system for exploiting interactions via a virtual environment

ABSTRACT

A method on a computer readable storage medium operable to store a virtual representation of a plurality of physical components, introduce a component having a predefined functionality to interact with the virtual representation and generate indications of a response of the virtual representation to the interactions of the component. A system having a memory configured to store a virtual representation of a plurality of physical components and a processor configured to introduce a component having a predefined functionality to interact with the virtual representation and generate indications of a response of the virtual representation to the interactions of the component.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of and claims priority to U.S. patentapplication Ser. No. 15/362,401, filed Nov. 28, 2016, which is acontinuation of U.S. patent application Ser. No. 12/329,905 filed Dec.8, 2008 (now abandoned). All sections of the aforementionedapplication(s) and/or patent(s) are incorporated herein by reference intheir entirety.

FIELD OF THE DISCLOSURE

A computer readable storage medium storing a set of instructions thatare executable by a processor, the set of instructions being operable tostore a virtual representation of a plurality of physical components,introduce a component having a predefined functionality to interact withthe virtual representation and generate indications of a response of thevirtual representation to the interactions of the component.

A system having a memory configured to store a virtual representation ofa plurality of physical components and a processor configured tointroduce a component having a predefined functionality to interact withthe virtual representation and generate indications of a response of thevirtual representation to the interactions of the component.

BACKGROUND

As embedded devices (e.g., any device that includes a processor,controller, micro-controller or other type of computing device) becomeubiquitous in a variety of environments such as the home and theworkplace, users have a desire for better interaction with such devices.One manner of providing better interaction with a variety of devices ora series of devices that are providing a specific functionality for theuser (e.g., multiple devices that make up a multimedia center) is tocreate a virtual environment that represents the physical devices. Someof these virtual environments allow a user to control the physicaldevices by interacting with the virtual environment. An example of sucha virtual environment is described in U.S. Provisional PatentApplication 61/096,960 entitled “Method and System for ControllingPhysical Components Via A Virtual Environment” filed on Sep. 15, 2008.

BRIEF DESCRIPTION OF THE DRAWINGS

Reference will now be made to the accompanying drawings, which are notnecessarily drawn to scale, and wherein:

FIG. 1 shows a schematic representation of various environmentsaccording to an exemplary embodiment of the present invention.

FIG. 2 shows a virtual physical view of a multimedia center of a homeenvironment according to an exemplary embodiment of the presentinvention.

FIG. 3 shows a virtual physical view of a server room of a centraloffice environment for generating and distributing the multimediainformation destined for the multimedia center according to an exemplaryembodiment of the present invention.

FIG. 4 shows a virtual logical view of a video distribution channelproviding video from the central office environment to the multimediacenter of the home environment according to an exemplary embodiment ofthe present invention.

FIG. 5 provides an exemplary method showing the deployment of an avatarwithin a virtual environment according to an exemplary embodiment of thepresent invention.

DETAILED DESCRIPTION

The exemplary embodiments of the present invention may be furtherunderstood with reference to the following description and the relatedappended drawings, wherein like elements are provided with the samereference numerals. The exemplary embodiments of the present inventionare related to systems and methods for controlling and/or interactingwith a virtual environment that models physical devices and/orapplications. The mechanism for interacting with the virtual environmentwill be referred to as an “avatar.” In normal computing lexicon anavatar is a computer user's representation of himself/herself or alterego, whether in the form of a three-dimensional model used in computergames, a two-dimensional icon used on Internet forums and othercommunities, or a text construct. Thus, an avatar is an “object”representing the embodiment of the user. As used throughout thisdescription, the term “avatar” may refer to the meaning associated withthe normal computing usage. However, the term “avatar” may also be usedto describe a functionality that does not necessarily need to mimic auser. For example, an avatar may will be able to take advantage ofspecial powers that the avatar enjoys by virtue of its existence in thevirtual world. Examples of these special powers will be described ingreater detail below.

However, prior to describing the exemplary embodiments of the avatars,an exemplary virtual environment will be described within which theavatars may be deployed. The exemplary embodiment of a virtualenvironment will be described with reference to a virtual environmentthat models a server network providing multimedia capabilities to a homeenvironment.

However, those skilled in the art will understand from the followingdescription that the avatars may be deployed within any virtualenvironment.

FIG. 1 shows a schematic representation of various environments. Theenvironments include a home environment 20 that includes a multimediacenter 22, a kitchen 24 and an HVAC system 26. In this example, the homeenvironment is discretely broken up into physical locations (e.g.,multimedia center 22 and kitchen 24) or physical function (e.g., HVACsystem 26) where controllable components exist. A more detailed view ofthe multimedia center will be provided below. However, it should benoted that the present invention is not limited to multimediacomponents, but may be implemented to control any physical device thatis capable of being controlled (e.g., a thermostat, an oven, etc.).

Another exemplary embodiment of an environment is a central officeenvironment 30 of a company that is distributing multimedia signals tothe home environment 20. The central office environment 30 includes aserver room 32 and a laboratory 34. In addition, a virtual environment10 is also illustrated. The virtual environment 10 is illustrated asincluding a workstation 15. Those of skill in the art will understandthat a more proper understanding of the interaction between the virtualenvironment 10 and the workstation 15 is that the virtual environment 10is being executed by the workstation 15. That is, the workstation 15 maybe any computing device that is capable of executing the softwarenecessary for carrying out the functionality described herein for thevirtual environment 10. For example, the computing device may be adesktop computer, server station, laptop computer, mobile computingdevice such as a mobile phone, etc.

As shown in FIG. 1, the central office environment 30 and the homeenvironment 20 may exchange signals. An example of the signals may be arequest from the multimedia center 22 for a particular video file (e.g.,a movie) from the central office environment 30. The server room 32 ofthe central office environment 30 may receive the request and fulfillthe request by sending the requested video signal to the multimediaenter 22. In addition, in this example, it is shown that there is aninteraction between the virtual environment 10 and both the homeenvironment 20 and the central office environment 30. As will bedescribed in greater detail below, this interaction allows a userworking in the virtual environment 10 to exercise control over physicalcomponents included in the home environment 20 and/or the central officeenvironment 30 using the interface provided by the virtual environment10.

FIG. 2 shows a virtual physical view 100 of the multimedia center 22 ofthe home environment 20. The virtual physical view 100 is created ineither the virtual environment 10 or in some other computing deviceexecuting a commercially available simulation or virtual world softwareprogram to model the actual multimedia center 22 of the home environmentand then loaded or stored in the virtual environment 10. The virtualphysical view 100 includes multimedia components such as a residentialgateway 105, a computer 110, a television 120, a set top box 125 and astereo 130. The virtual physical view 100 also includes physicalentities such as chairs 140 and desk 150 to model the actual physicalenvironment of the multimedia center 22. The physical view 100 may be areplica of the multimedia center 22 (e.g., the physical floor plan shownin the virtual physical view 100 is nearly exactly the same as theactual floor plan of the multimedia center 22) or it may be an abstractrepresentation of the multimedia center 22 (e.g., the multimediacomponents may be displayed, but not in their exact locations orlayouts). The user may select and build the type of physical view withwhich they are comfortable.

FIG. 3 shows a virtual physical view 200 of a server room 32 of thecentral office environment 30 for generating and distributing themultimedia information destined for the multimedia center 22. Thephysical view 200 is similar to physical view 100, except that it showsthe other end of the distribution network for the multimediainformation. The physical view 200 shows server rack 210 includingservers 211-216, server rack 220 including 221-226 and server rack 230including servers 231-236. The physical view 200 also includes othernetwork components such as routers 240-260 and switches 270 and 280. Aswill be described in greater detail below, the components in the actualserver room 32 are responsible for generating and distributing themultimedia signals that are consumed by the multimedia center of theuser's home.

FIG. 4 shows a virtual logical view 300 of a video distribution channelproviding video to the multimedia center 22. In this exemplaryembodiment, the video distribution channel includes servers 233 and 224(or applications on the servers 233 and 224) that generate the video tobe distributed, router 250 that receives the video signal from servers233 and 224 and routes it to server 212 that is responsible fordistribution of the video signal. The video signal is then sent throughswitch 280 to residential gateway 105 for distribution to the computer110 and/or the television 120 via set top box 125. Those skilled in theart will understand that the virtual logical view 300 is only exemplaryand that many different logical views may be built to model thedistribution of many different types of signals. Thus, there may be manytypes of logical views that are created and stored in the virtualenvironment 10. In addition, the logical view 300 may not include allthe components in the video distribution channel. For example, betweenthe switch 280 that is in server room 280 and residential gateway 105,there may be other network components such as additional servers,routers, switches, repeaters, etc. Again, the user may build the virtuallogical view in any manner that the user is comfortable interacting withthe view.

The following will provide an example of the use of the virtual views100-300 and a user's interaction with the virtual views 100-300. In thisexample, the user may be considered to be a person associated with theentity that is distributing the multimedia signals who is responsiblefor security applications. In this example, the user is attempting torun a test that is designed to disrupt the video signal that is beingdistributed to the multimedia center 22 of the home environment 20.Accordingly, the user may select the video distribution channel virtuallogical view 300 from a list of virtual logical views.

Once the logical view 300 for the video distribution channel isselected, the virtual environment 10 will display the virtual logicalview 300 to the user. In addition, the one or both of the virtualphysical views 100 and 200 may also be displayed. For example, thevirtual environment 10 may include multiple displays or multiple displaypanes to display multiple virtual views. The physical virtual views 100and 200 may be correlated to the virtual logical view 300. For example,the boxes illustrating the various components of the virtual logicalview 300 may be outlined in a specific color. The components illustratedin the virtual physical views 100 and 200 may be colored in the samemanner to illustrate the components that are involved in the selectedlogical view 300. However, it should be noted that two views (e.g., thephysical view and the logical view) are not required. For example, auser may be comfortable with only the physical view or the logical viewand it may not be necessary to show the other view in the virtualenvironment 10.

As described above, there is an actual physical connection between thevirtual environment 10 (e.g., the workstation 15 executing the virtualenvironment 10) and the physical components modeled by the virtual views100-300. Thus, when the user selects the video distribution channellogical view 300, the virtual physical view 100 may show the videosignal on the television 120 or computer 110 that is actually beingdisplayed on the television screen or computer screen in the homeenvironment 20.

The components illustrated in the virtual environment 10 may havevarious functionalities associated with the components that the user mayselect to perform. The associated functionalities may be selected, forexample, using a dropdown menu associated with the component (displayedin either the physical views 100 and 200 or logical view 300). Forexample, the server 233 may be generating a first video stream and theserver 224 may be generating a second video stream. A user, by selectingon of the servers 233 and 224, may be able to toggle the video streamthat is being displayed on the television screen 120. As noted above,this control is exerted both in the virtual environment (e.g., what isbeing displayed on the television 120 screen of virtual physical view100) and on the actual television screen in multimedia center 22.

Thus, as can be seen from the above example, the virtual environment 10may be used to allow a user to interact and exert control overcomponents in the real world environment. This integrating of thevirtual environment 10 with the real world environment may lead to manyunforeseen interactions and consequences. The creation of avatars thatcan “roam” freely within the virtual environment 10 may be used by asystem developer, system administrator, etc. to explore theseinteractions in the virtual environment 10 to determine both thecapabilities and vulnerabilities of the components within the real worldenvironment.

The following will provide examples of the use of avatars within theexemplary virtual environment 10. It should be noted that the exemplaryavatars will be used to produce security exploits to, for example, leadto new security mechanisms. However, the avatars do not need to belimited to security applications, but may be used for any type offunctionality that may be deployed or tested for a real worldenvironment network or component, such as provisioning, networkthroughput, troubleshooting, etc.

A first exemplary avatar may appear to the virtual environment 10 as anInternet Protocol (“IPn) packet that will be able to “flow11 through asystem from end-to-end. As it goes through each element, it will be ableto morph into the correct packet that will enable it to pass through anysecurity checkpoints, such as firewalls, and reach its destination. Atthat point, it may be able to “own11 the destination system byexploiting other vulnerabilities.

For example, a user may select the virtual logical view 300 shown inFIG. 4 and select to inject the IP packet avatar into the server 233.The IP packet avatar may then flow to the router 250, the server 212,the switch 280, the residential gateway 105 and each of the computer 110and the set top box 125. As described above, as the IP packet avatar wasflowing through the system, the IP packet avatar could morph into thecorrect configuration to pass through each device. That is, the model ofthe devices in the virtual environment 10 will include the samefunctionalities as the actual devices that the virtual environment 10 ismodeling. Thus, the virtual components will process IP packets in thesame manner as the actual devices. Those skilled in the art willunderstand that each component will process an IP packet in accordancewith the protocol stack included in the device. Each layer of a protocolstack will strip away various information from the IP packet to processthe specific functionality associated with the layer so that the IPpacket may then be repackaged and forwarded to the next device along thepath to the final destination. The layers of different devices mayrequire different information to continue to process an IP packet. Forexample, the residential gateway 105 may include a firewall to excludemalicious IP packets from entering the devices' residence. The firewallis looking for specific information in each IP packet to allow the IPpacket to enter the residence. The IP packet avatar will have theability to mimic any of this information in order to pass through eachof the devices. Then, when the IP packet avatar reaches the finaldestination (e'.g., the computer 110), the IP packet avatar would now beable to exploit any security vulnerabilities of that destination device.Thus, a user can inject the IP packet avatar to determine what securitybreaches a malicious IP packet can exploit in the system.

Another example of an avatar is a monitoring avatar that can monitor thevirtual environment 10 for signs of the malicious avatars such as theabove described IP packet avatar or other misbehaving avatars. Themonitoring avatar may also include the functionality to respond to themalicious avatars in order to protect the system. Thus, in this manner auser may implement an attack on the system with one or more maliciousavatars and determine whether the monitoring avatars are able toidentify the malicious avatars and take the proper corrective action toprotect against the malicious avatars. Again, in this manner, a user whois attempting to protect the physical components of the network canlaunch a variety of attacks in the virtual environment 10 to determineif the network security measures implemented in the actual network anddevices (as modeled by the monitoring avatar in the virtual environment10) can protect against the various attacks without having to launch anactual attack against the physical network.

As described above, the user can launch a variety of attacks within thevirtual environment 10 using different avatars. A basic attack avatarmay embody any known attack that can be used within a network. Examplesmay include denial of service attacks, eavesdropping, data modification,IP spoofing, sniffer attacks, etc. The basic attack avatar may bemodified as new types of attacks are developed allowing a user to launchattacks within the virtual environment 10 to continuously assess thevulnerability of the actual network.

Another example of an attack avatar may be a social engineering avatar.The social engineering avatar may launch an attack in the virtualenvironment 10, for example, by interacting with other avatars. Socialengineering attacks are those aimed to get proprietary information byconning others. Thus, a user can launch the social engineering avatar tointeract with other avatars to determine the types of attacks to whichother users are vulnerable. For example, the social engineering avatarmay engage another user's avatar in a chat session and ask a series ofquestions aimed at obtaining private information from the other user.The social engineering avatar may then provide the user that launchedthe attack information on the effectiveness of certain techniques toobtain user's private information. The social engineering avatar mayalso be able to use the user's private information to launch otherattacks.

Another example of an avatar may be a discontinuity avatar thatcontinuously probes the virtual environment 10 in search ofdiscontinuities that may be exploitable. For example, this avatar canautomatically walk the entire virtual environment 10 while “clicking” orotherwise exercising its powers in order to determine if there is anunexpected response. Any unexpected response may indicate a software bugthat may be exploitable. This avatar will especially probe the edges ofthe world where there may be programming discontinuities. A special caseof the discontinuity avatar may be able to “see” everything in thevirtual environment 10. It will use its powers of teleporting its visionin order to get into secure areas to carry out security exploits.

A final exemplary avatar may be a self-developing avatar. This avatarwill increase in knowledge by virtue of its interaction with otheravatars and with the virtual environment 10. It will developindependently of its “master” in the real world environment. It willlearn the tricks of hacking the virtual environment 10 just asreal-world hackers learn their trade. This self-developing avatar couldturn out to be the most powerful avatar because it may exhibit the mostunpredictable behavior.

Those skilled in the art will understand that the above avatars are onlyexemplary and that many different avatars having many different types offunctionalities within the virtual environment may be developed. Theintegrating of the virtual environment with the real world environmentwill lead to many unforeseen interactions and consequences. Theinteraction between the virtual environment and the real worldenvironment and the creation of avatars that can be exercisedextensively to explore some of the many interactions will result inallowing users to better understand the real world environmentpossibilities of the network, both potential problems and potentialbenefits. For example, the results may be used to explore new attacksand then help us design new security mechanisms that are effectivewithout unduly constraining creativity.

FIG. 5 provides an exemplary method 400 showing the deployment of anavatar within the virtual environment 10. Again, the exemplary avatarbeing deployed is shown as a security related avatar, but this is onlyexemplary. In step 410, the real world environment is virtualized tocreate the virtual environment 10. In step 420, the exemplary avatar isdeployed within the virtual environment 10. The avatar will then performits functionality. For example, if the deployed avatar is the IP packetavatar, the avatar will perform according to the description of such anavatar described above.

In step 430, it is determined whether the avatar exploited any securityissues within the virtual environment. For example, was the IP packetavatar able to access a user's environment and gain access to a user'scomponent. In another example, it may be determined if the socialengineering avatar was able to obtain a user's private information. Ifthe avatar is not able to exploit any security issues in step 430, theresults may be displayed to the user in step 450. The results in such acase may simply be that the avatar has been deployed, but that it hasnot been able to cause any problems within the virtual environment 10.

If the avatar is able to exploit a security issue in step 430, thisinformation may also be displayed to the user in step 450. The displaymay show the user, for example, the type of vulnerability that theavatar exploited or the type of successful attack launched by theavatar. In addition, the method may continue to step 440 to determine ifany countermeasures deployed in the network can resolve the issuecreated by the avatar. For example, if the avatar is a basic attackavatar that launches a denial of service attack, the network may includecountermeasures such as blocking traffic from certain IP address orrange of address, disconnecting offending nodes or edge devices of thenetwork, etc. to combat such an attack. In step 440, it is determined ifthese countermeasures are successful or if there are any countermeasuresthat were attempted to deal with the issue. If the countermeasures aresuccessful, the results are displayed to the user in step 450. Forexample, the display may indicate the type of countermeasure that wasused and how it mitigated the attack. If the countermeasure wasunsuccessful or not deployed at all, the display may indicate thisinformation and may also indicate a potential type of countermeasurethat may be used.

It should be noted that once an avatar is deployed within the virtualenvironment 10, it may remain active for extended periods of timewaiting to exploit vulnerabilities within the network as the network ischanged, e.g., new hardware is added, new applications are added, etc.In addition, as noted multiple times above, security type avatars arenot the only type of avatars that may be deployed within the virtualenvironment. For example, there may be an avatar that is related tonetwork routing that runs through various network routing scenariosbased on different network loadings and other factors to determine abest route for packets within the network. This avatar may runconstantly in the virtual environment and the results may be used toalter the routing tables of routing devices in the real worldenvironment. Thus, the deployment method for different avatars may bedifferent depending on the functionality provided by the avatars.

It will be apparent to those skilled in the art that variousmodifications may be made in the present invention, without departingfrom the spirit or the scope of the invention. Thus, it is intended thatthe present invention cover modifications and variations of thisinvention provided they come within the scope of the appended claimedand their equivalents.

What is claimed is:
 1. A computer-readable storage medium including aset of instructions that, when executed by a processor, cause theprocessor to perform operations, the operations comprising: introducingan object into a virtual environment having a predefined functionalityto interact with the virtual environment, wherein the object is anavatar that continuously assesses a first type of vulnerabilityassociated with the virtual environment, wherein the avatar remainsactive to continuously assess the first type of vulnerability, whereinthe virtual environment includes a virtual representation of a pluralityof physical components, wherein a real world environment comprises theplurality of physical components, wherein the plurality of physicalcomponents comprises a physical video display, wherein the virtualrepresentation of the plurality of physical components comprises avirtual video display; and allowing a user to exert control over theplurality of physical components in the real world environment using thevirtual environment, the control comprising selection by the user of aselected video signal from among a plurality of video signals and thecontrol further comprising causing presentation of the selected videosignal on the physical video display along with a correspondingpresentation of the selected video signal on the virtual video display.2. The computer-readable storage medium of claim 1, wherein theoperations further comprise: introducing a further object into thevirtual environment having a further predefined functionality tointeract with the virtual environment, wherein the further object is afurther avatar that continuously assesses a second type of vulnerabilityassociated with the virtual environment.
 3. The computer-readablestorage medium of claim 1, wherein the first type of vulnerabilitycorresponds to an IP packet and wherein the avatar is an IP packetavatar that interacts with each virtual representation of the pluralityof physical components, wherein prior to interacting with each virtualrepresentation of the plurality of physical components the IP packetavatar alters a configuration of the IP packet avatar into a type ofconfiguration that allows the IP packet avatar to be processed by eachvirtual representation of the plurality of physical components withoutbeing prohibited by a security measure when the IP packet avatarinteracts with each virtual representation of the plurality of physicalcomponents.
 4. The computer-readable storage medium of claim 3, whereinthe type of configuration corresponds to an IP protocol stack of thevirtual representation of the plurality of physical components.
 5. Thecomputer-readable storage medium of claim 1, wherein the operationsfurther comprise: configuring, for display, data that corresponds to thefirst type of vulnerability associated with the virtual environment. 6.The computer-readable storage medium of claim 1, wherein the first typeof vulnerability corresponds to proprietary information and the avataris a social engineering avatar that provides a series of questions to afurther avatar that are formulated to obtain the proprietaryinformation.
 7. The computer-readable storage medium of claim 1, whereinthe first type of vulnerability corresponds to discontinuities withinthe virtual environment and wherein the avatar is a discontinuity avatarthat interacts with an entirety of the virtual environment, excludingany further avatars within the virtual environment, to determine anydiscontinuities within the virtual environment, wherein thediscontinuities include an occurrence of an unexpected response by thevirtual environment.
 8. The computer-readable storage medium of claim 1,wherein the avatar is a self-developing avatar that interacts with anentirety of the virtual environment and any further avatars within thevirtual environment and wherein the self-developing avatar determines aprocedure to exploit the first type of vulnerability associated with thevirtual environment based on interactions of the self-developing avatar.9. The computer-readable storage medium of claim 1, wherein theoperations further comprise: determining a countermeasure that mitigatesthe first type of vulnerability within the virtual environment; andexecuting the countermeasure.
 10. The computer-readable storage mediumof claim 1, wherein the operations further comprise: configuring, fordisplay, a type of a countermeasure that was executed and dataassociated with a procedure that corresponds to the countermeasure. 11.A system, comprising: a processing system including a processor; and amemory that stores executable instructions that, when executed by theprocessing system, facilitate performance of operations, the operationscomprising: introducing an object into a virtual environment, the objecthaving a predefined functionality to interact with the virtualenvironment comprising a virtual representation of a plurality ofphysical components, wherein the object is an avatar that continuouslyassesses a first type of vulnerability associated with the virtualenvironment, wherein the avatar remains active to continuously assessthe first type of vulnerability, wherein a real world environmentcomprises the plurality of physical components, wherein the plurality ofphysical components comprises a physical display, wherein the virtualrepresentation of the plurality of physical components comprises avirtual display, and wherein the virtual representation includes areplication of a physical layout of each of the plurality of physicalcomponents relative to one another in the real world environment; andallowing a user to exert control over the plurality of physicalcomponents in the real world environment using the virtual environment,the control comprising selection by the user of a selected video signalfrom among a plurality of video signals and the control furthercomprising causing presentation of the selected video signal on thephysical display along with a corresponding presentation of the selectedvideo signal on the virtual display.
 12. The system of claim 11, whereinthe operations further comprise: introducing a further object into thevirtual environment having a further predefined functionality tointeract with the virtual environment, wherein the further object is afurther avatar that continuously assesses a second type of vulnerabilityassociated with the virtual environment.
 13. The system of claim 11,wherein the first type of vulnerability corresponds to an IP packet andwherein the avatar is an IP packet avatar that interacts with eachvirtual representation of the plurality of physical components, whereinprior to interacting with each virtual representation of the pluralityof physical components the IP packet avatar alters a configuration ofthe IP packet avatar into a type of configuration that allows the IPpacket avatar to be processed by each virtual representation of theplurality of physical components without being prohibited by a securitymeasure when the IP packet avatar interacts with each virtualrepresentation of the plurality of physical components.
 14. The systemof claim 11, wherein the first type of vulnerability corresponds toproprietary information and the avatar is a social engineering avatarthat provides a series of questions to a further avatar that areformulated to obtain the proprietary information.
 15. The system ofclaim 11, wherein the first type of vulnerability corresponds todiscontinuities within the virtual environment and wherein the avatar isa discontinuity avatar that interacts with an entirety of the virtualenvironment, excluding any further avatars within the virtualenvironment, to determine any discontinuities within the virtualenvironment, wherein the discontinuities include an occurrence of anunexpected response by the virtual environment.
 16. The system of claim11, wherein the avatar is a self-developing avatar that interacts withan entirety of the virtual environment and any further avatars withinthe virtual environment and wherein the self-developing avatardetermines a procedure to exploit the first type of vulnerabilityassociated with the virtual environment based on interactions of theself-developing avatar.
 17. The system of claim 11, wherein theoperations further comprise: determining a countermeasure that mitigatesthe first type of vulnerability within the virtual environment; andexecuting the countermeasure.
 18. The system of claim 11, wherein theavatar is a network routing avatar that determines an alternate routingtable for the plurality of physical components in the real worldenvironment based on processing, in the virtual environment, a pluralityof network routing scenarios that correspond to a plurality of networkloads.
 19. The system of claim 11, wherein the avatar operatescontinuously throughout execution of the virtual environment.
 20. Amethod, comprising: introducing, by a processing system including aprocessor, an object into a virtual environment having a predefinedfunctionality to interact with the virtual environment, wherein theobject is an avatar that continuously assesses a first type ofvulnerability associated with the virtual environment, wherein theavatar remains active to continuously assess the first type ofvulnerability, wherein the virtual environment a virtual representationof a plurality of physical components, wherein a real world environmentcomprises the plurality of physical components, wherein the plurality ofphysical components comprises a physical display, wherein the virtualrepresentation of the plurality of physical components comprises avirtual display; and allowing, by the processing system, a user to exertcontrol over the plurality of physical components in the real worldenvironment using the virtual environment, the control comprisingselection by the user of a selected video stream from among a pluralityof video streams and the control further comprising causing presentationof the selected video stream on the physical display along with acorresponding presentation of the selected video stream on the virtualdisplay.